Shadow AI: it’s more than ChatGPT
Shadow AI is broadly defined as employees using AI tools or features without management knowledge, oversight, or approval.
Asking ChatGPT questions in a browser tab is an obvious example, but there are lots of ways Shadow AI use is probably already occurring in your business.
Level 1 – the obvious. Staff using ChatGPT, Claude, or Gemini through personal accounts. Emails, summaries, spreadsheets.
Level 2 – the switched-on. AI features inside tools you already pay for. The summarise button in your inbox. The notetaker in your calls. The “ask AI” box that appeared in your CRM after an update.
Level 3 – the invisible. AI built into software that never announced it. Your data passes through it in the background – nothing to switch on or off, no magic wand icon. You may not even realise you’re using AI.
Your best people are likely reaching for these tools to do good work under pressure. It’s about efficiency, the desire to beat KPIs, or win back free time.
If one person on the team starts using AI to increase their productivity, pretty soon everybody else feels like they have to too.
In this way shadow AI is not so much a discipline problem.
It’s a governance problem.
Put simply, AI governance is the framework of rules, practices, and ethical guidelines used to ensure an AI tool or system is developed and deployed responsibly. It acts as guardrails – often known in compliance terminology as controls – that help to manage risks.
By establishing clear accountability and oversight throughout the AI’s lifecycle, governance ensures the technology operates transparently, safely, and in alignment with human and company values.
So what are the risks of Shadow AI?
Unapproved and ungoverned AI use can expose your business to a range of potential issues, including:
Data leakage and privacy exposure. Employees often paste sensitive company info – customer details, financial statements, source code, or internal contracts – into public AI tools.
Compliance and legal violations. Using unvetted AI tools without signed Data Processing Agreements (DPAs) can put businesses in breach of data privacy regulations, exposing them to fines, penalties, and reputational damage.
Errors and “hallucinations”. AI tools can produce fabricated or factually incorrect information. Without careful review, these errors can damage client trust.
Intellectual property loss. Proprietary designs, business strategies, or unique formulas submitted to free external AI platforms can lose their confidential status.
Cybersecurity and insurance risks. Browser extensions and unvetted AI plugins can expose your network to malware or unauthorised integrations. Many cyber insurance providers now require strict AI policies and oversight, the absence of which can lead to denied claims in the event of an incident.
Why it’s happening now
If creating a detailed spreadsheet takes weeks, and Claude can do it in ten seconds, which option would you choose?
Smart people will do what smart people always do – find efficient ways to increase their output.
So it makes sense that people are using AI. Menlo Security’s 2025 research found a 68% surge in shadow generative AI use across enterprise between 2024 and 2025.
The problem is that most businesses have no rules for AI at all – no guidance on what’s acceptable or who to ask – and workers are often unaware of the risks associated with pasting company information into AI tools.
During my research I’ve noticed some smaller companies tend to have an attitude of “we don’t need governance, that only applies to big companies”.
But smaller businesses are often more exposed to these risks, not less.
Big companies have IT teams and always-on telemetry tools specifically designed to notice unauthorised AI use. A 15-person medical practice doesn’t have these tools – and even the most sophisticated tools won’t catch somebody entering client details into ChatGPT on their personal phone.
The fix isn’t a crackdown. It’s a culture.
AI arrived so fast companies haven’t had time to implement policies, or even fully identify the risks. Microsoft’s Work Trend Index found the majority of knowledge workers are already using it – and most are bringing their own tools to work.
So how can you build a culture of openness, awareness, and accountability around responsible AI use?
Give each AI use case an owner
Not to have someone to blame – the opposite.
Blame is what you reach for after something breaks and nobody was watching. Accountability is what stops it breaking in the first place.
An owner is a guardian, not a fall guy: one named person who keeps an eye on one AI use case. They are the person who has the responsibility to manage an AI use case, and – this is key – the authority and backing of the company to control how it is used.
1. Define the AI use case
The responsibility: clearly state exactly what the tool is used for. “Reception uses ChatGPT to draft replies to customer enquiries.”
The authority: the owner requires the formal power to veto unapproved use cases. If an employee tries to use ChatGPT to draft a legal contract, the owner has the authority to stop them immediately.
2. Know what data goes in
The responsibility: maintain total visibility over what information is entered into the AI, ensuring sensitive client, financial, or health data is strictly protected.
The authority: the owner has the authority to inspect how the team uses the tool, and to require management to fund secure, paid business tiers so data is not leaked to public models.
3. Answer “who decided this?”
The responsibility: be the named person who stands behind the tool when a client, auditor, or the business owner asks questions. Keeping an immutable paper trail of all key decisions regarding what is and isn’t permitted.
The authority: the owner must be backed by senior management as the sole decision-maker for that tool. Because management officially gave them the green light, the owner cannot be scapegoated if an unpreventable technical glitch occurs.
4. Flag changes
The responsibility: monitor the tool’s usage and issue an immediate pause-and-review order if scope-creep occurs, or if the AI tool begins touching more sensitive data.
The authority: the owner must have a direct line to executive management. When they flag a risk or a change in usage, the business owner needs to have their back until a formal review is conducted.
Choosing the right owner – and making sure they can actually do the job without being overruled – is its own question. We’ve written about that separately: [link to ownership post].
Shadow AI detection tools versus just asking
There is a class of software tools that detect shadow AI by monitoring your team’s computer usage to various degrees of sophistication and detail – from simply identifying that your team is using an AI tool – for instance we can see they connected with ChatGPT’s internet address, but we don’t know what they’re entering – to invasive systems that log every single keystroke on your team’s devices.
These tools have a place, but they also have limits.
Even if you spent thousands of dollars on enterprise-grade network monitoring and laptop tracking, it becomes irrelevant the moment an employee pulls out their personal mobile phone.
If a staff member is working from home and they turn on their personal laptop on their personal 5G data plan, your corporate IT department is completely blind.
Worse, when you rely heavily on technical surveillance and spy software, you implicitly signal to your staff: “We don’t trust you, we are watching you.”
That destroys morale and creates a culture of distrust. It challenges people to find clever workarounds.
Cultivating a culture of open communication creates a far safer business.
When employees feel safe to say, “Hey, I tried using this AI tool today to help me summarise this long client PDF, is that okay?” – you can actually identify and manage the risk.
For most businesses, asking beats detecting.
Don’t ban AI – manage it
Shadow AI isn’t proof your team is reckless. It’s proof they’re working better, faster than the business caught up.
Treat it as a crime and it goes underground.
Treat it as a signal and it shows you where your useful tools – and your real risks – sit.
The should never be to ban AI. That wouldn’t work anyway – the floodgates are open.
It’s to move from “I think we’re probably okay” to “I can show we’re okay, and here’s why.”
Visible, owned, on the record.
Further reading
- IBM – What Is Shadow AI?
- IBM – Cost of a Data Breach Report 2025
- Proofpoint – What Is Shadow AI?
- Gartner – Critical GenAI blind spots CIOs must urgently address
- Menlo Security – 2025 report: 68% surge in shadow generative AI usage
- Proofpoint – The State of AI Security 2025
- IBM data breach costs and AI risk mitigation
- Microsoft – AI at Work Is Here. Now Comes the Hard Part
